Computing service systems in computing service environments are often targets for malicious attacks conducted over a computing network. These malicious attacks can potentially cause a targeted computing service system to be affected to a point that physical hosts included in the computing service system are unable to respond to legitimate network requests. For example, a DDoS (Distributed Denial of Service) attack may be a type of malicious attack that distributes a DoS (Denial of Service) program among several computing devices that in turn flood a computing service system with network packets (e.g., SYN (synchronization) packets) to initiate a network connection. The flood of network packets may cause network performance to slow resulting in system unresponsiveness for the computing service system.
In the event of a malicious attack, computing service providers may have a difficult time separating non-malicious network traffic from malicious network traffic. For example, a DDoS attack may involve multiple computing devices sending requests to perform a network action to a target computing service system. Traffic shaping or packet analysis may be one technique used to mitigate a malicious attack.